Tài liệu này dành cho sinh viên, giáo viên khối ngành công nghệ thông tin tham khảo và có những bài học bổ ích hơn, bổ trợ cho việc tìm kiếm tài liệu, giáo án, giáo trình, bài giảng các môn học khối ngành công nghệ thông tin
Trang 1Chapter 1 Exercise Solutions
1.1 Give five types of hardware resource and five types of data or software resource that can usefully
be shared Give examples of their sharing as it occurs in distributed systems
1.1 Ans.
Hardware:
CPU: compute server (executes processor-intensive applications for clients), remote object server(executes methods on behalf of clients), worm program (shares cpu capacity of desktop machine with thelocal user) Most other servers, such as file servers, do some computation for their clients, hence their cpu
is a shared resource
memory: cache server (holds recently-accessed web pages in its RAM, for faster access by other localcomputers)
disk: file server, virtual disk server (see Chapter 8), video on demand server (see Chapter 15)
screen: Network window systems, such as X-11, allow processes in remote computers to update thecontent of windows
printer: networked printers accept print jobs from many computers managing them with a queuingsystem
network capacity: packet transmission enables many simultaneous communication channels (streams ofdata) to be transmitted on the same circuits
video/audio stream: Servers can store entire videos on disk and deliver them at playback speed to multipleclients simultaneously
exclusive lock: a system-level object provided by a lock server, enabling several clients to coordinate theiruse of a resource (such as printer that does not include a queuing scheme)
Distributed Systems: Concepts and Design
Edition 3
By George Coulouris, Jean Dollimore and Tim Kindberg Addison-Wesley, ©Pearson Education 2001
Trang 21.2 How might the clocks in two computers that are linked by a local network be synchronized without
reference to an external time source? What factors limit the accuracy of the procedure you have
described? How could the clocks in a large number of computers connected by the Internet be
synchronized? Discuss the accuracy of that procedure
For a large number of computers, one computer should be nominated to act as the time server and itshould carry out Cristian’s protocol with all of them The protocol can be initiated by each in turn Additionalinaccuracies arise in the Internet because messages are delayed as they pass through switches in wider areanetworks For a wide area network the accuracy is probably within 5-10 ms These answers do not take intoaccount the need for fault-tolerance See Chapter 10 for further details
1.3 A user arrives at a railway station that she has never visited before, carrying a PDA that is capable
of wireless networking Suggest how the user could be provided with information about the local
services and amenities at that station, without entering the station’s name or attributes What
technical challenges must be overcome?
1.3 Ans.
The user must be able to acquire the address of locally relevant information as automatically as possible Onemethod is for the local wireless network to provide the URL of web pages about the locality over a localwireless network
For this to work: (1) the user must run a program on her device that listens for these URLs, and which givesthe user sufficient control that she is not swamped by unwanted URLs of the places she passes through; and(2) the means of propagating the URL (e.g infrared or an 802.11 wireless LAN) should have a reach thatcorresponds to the physical spread of the place itself
1.4 What are the advantages and disadvantages of HTML, URLs and HTTP as core technologies for
information browsing? Are any of these technologies suitable as a basis for client-server
HTTP is a simple protocol that can be implemented with a small footprint, and which can be put to use in manytypes of content transfer and other types of service Its verbosity (HTML messages tend to contain manystrings) makes it inefficient for passing small amounts of data
HTTP and URLs are acceptable as a basis for client-server computing except that (a) there is no strong checking (web services operate by-value type checking without compiler support), (b) there is the inefficiencythat we have mentioned
type-1.5 Use the World Wide Web as an example to illustrate the concept of resource sharing, client and
server
Resources in the World Wide Web and other services are named by URLs What do the initials
Trang 3URL denote? Give examples of three different sorts of web resources that can be named by URLs.
1.5 Ans.
Web Pages are examples of resources that are shared These resources are managed by Web servers
Client-server architecture The Web Browser is a client program (e.g Netscape) that runs on the user'scomputer The Web server accesses local files containing the Web pages and then supplies them to clientbrowser processes
URL - Uniform Resource Locator
(3 of the following a file or a image, movies, sound, anything that can be rendered, a query to a database or to
a search engine
1.6 Give an example of a URL
List the three main components of a URL, stating how their boundaries are denoted and illustrating
each one from your example
To what extent is a URL location transparent?
1.6 Ans.
http://www.dcs.qmw.ac.uk/research/distrib/index.html
• The protocol to use the part before the colon, in the example the protocol to use is http ("HyperTextTransport Protocol")
• The part between // and / is the Domain name of the Web server host www.dcs.qmw.ac.uk
• The remainder refers to information on that host - named within the top level directory used by that Webserver research/distrib/book.html
The hostname www is location independent so we have location transparency in that the address
of a particular computer is not included Therefore the organisation may move the Web service to
another computer
But if the responsibility for providing a WWW-based information service moves to another
organisation, the URL would need to be changed
1.7 A server program written in one language (for example C++) provides the implementation of a
BLOB object that is intended to be accessed by clients that may be written in a different language
(for example Java) The client and server computers may have different hardware, but all of them
are attached to an internet Describe the problems due to each of the five aspects of heterogeneity
that need to be solved to make it possible for a client object to invoke a method on the server
The computers may run different operating systems, therefore we need to deal with different operations
to send and receive messages or to express invocations Thus at the Java/C++ level a common operation would
be used which will be translated to the particular operation according to the operating system it runs on
We have two different programming languages C++ and Java, they use different representations for datastructures such as strings, arrays, records A common standard will be defined for each type of data structurethat must be transmitted between the object and its clients and a way of translating between that data structureand each of the languages
We may have different implementors, e.g one for C++ and the other for Java They will need to agree
on the common standards mentioned above and to document them
Trang 41.8 An open distributed system allows new resource sharing services such as the BLOB object in
Exercise 1.7 to be added and accessed by a variety of client programs Discuss in the context of
this example, to what extent the needs of openness differ from those of heterogeneity
1.8 Ans.
To add the BLOB object to an existing open distributed system, the standards mentioned in the answer toExercise 1.7 must already have been agreed for the distributed system To list them again:
• the distributed system uses a common set of communication protocols (probably Internet protocols)
• it uses an defined standard for representing data items (to deal with heterogeneity of hardware)
• It uses a common standard for message passing operations (or for invocations)
• It uses a language independent standard for representing data structures
But for the open distributed system the standards must have been agreed and documented before the BLOBobject was implemented The implementors must conform to those standards In addition, the interface to theBLOB object must be published so that when it is added to the system, both existing and new clients will beable to access it The publication of the standards allows parts of the system to be implemented by differentvendors and to work together
1.9 Suppose that the operations of the BLOB object are separated into two categories – public
operations that are available to all users and protected operations that are available only to certain
named users State all of the problems involved in ensuring that only the named users can use a
protected operation Supposing that access to a protected operation provides information that
should not be revealed to all users, what further problems arise?
1.10 The INFO service manages a potentially very large set of resources, each of which can be accessed
by users throughout the Internet by means of a key (a string name) Discuss an approach to the
design of the names of the resources that achieves the minimum loss of performance as the number
of resources in the service increases Suggest how the INFO service can be implemented so as to
avoid performance bottlenecks when the number of users becomes very large
1.10 Ans.
Algorithms that use hierarchic structures scale better than those that use linear structures Therefore thesolution should suggest a hierarchic naming scheme e.g that each resource has an name of the form ’A.B.C’etc where the time taken is O(log n) where there are n resources in the system
To allow for large numbers of users, the resources are partitioned amongst several servers, e.g namesstarting with A at server 1, with B at server 2 and so forth There could be more than one level of partitioning
as in DNS To avoid performance bottlenecks the algorithm for looking up a name must be decentralised That
is, the same server must not be involved in looking up every name (A centralised solution would use a singleroot server that holds a location database that maps parts of the information onto particular servers) Somereplication is required to avoid such centralisation For example: i) the location database might be replicated
Trang 5at multiple root servers or ii) the location database might be replicated in every server In both cases, differentclients must access different servers (e.g local ones or randomly).
1.11 List the three main software components that may fail when a client process invokes a method in
a server object, giving an example of a failure in each case To what extent are these failures
independent of one another? Suggest how the components can be made to tolerate one another’s
failures
1.11 Ans.
The three main software components that may fail are:
• the client process e.g it may crash
• the server process e.g the process may crash
• the communication software e.g a message may fail to arriveThe failures are generally caused independently of one another Examples of dependent failures:
• if the loss of a message causes the client or server process to crash (The crashing of a server would cause
a client to perceive that a reply message is missing and might indirectly cause it to fail)
• if clients crashing cause servers problems
• if the crash of a process causes a failures in the communication software
Both processes should be able to tolerate missing messages The client must tolerate a missing reply messageafter it has sent an invocation request message Instead of making the user wait forever for the reply, a clientprocess could use a timeout and then tell the user it has not been able to contact the server
A simple server just waits for request messages, executes invocations and sends replies It should beabsolutely immune to lost messages But if a server stores information about its clients it might eventually fail
if clients crash without informing the server (so that it can remove redundant information) (See statelessservers in chapter 4/5/8)
The communication software should be designed to tolerate crashes in the communicating processes.For example, the failure of one process should not cause problems in the communication between the survivingprocesses
1.12 A server process maintains a shared information object such as the BLOB object of Exercise 1.7
Give arguments for and against allowing the client requests to be executed concurrently by the
server In the case that they are executed concurrently, give an example of possible ‘interference’
that can occur between the operations of different clients Suggest how such interference may be
To overcome interference use some form of concurrency control For example, for a Java server usesynchronized operations such as credit and debit
Trang 61.13 A service is implemented by several servers Explain why resources might be transferred between
them Would it be satisfactory for clients to multicast all requests to the group of servers as a way
of achieving mobility transparency for clients?
1.13 Ans.
Migration of resources (information objects) is performed: to reduce communication delays (place objects in
a server that is on the same local network as their most frequent users); to balance the load of processing and
or storage utilisation between different servers
If all servers receive all requests, the communication load on the network is much increased and servers must
do unnecessary work filtering out requests for objects that they do not hold
Trang 7Chapter 2 Exercise Solutions
2.1 Describe and illustrate the client-server architecture of one or more major Internet applications (forexample the Web, email or netnews)
2.1 Ans.
Web:
Browsers are clients of Domain Name Servers (DNS) and web servers (HTTP) Some intranets areconfigured to interpose a Proxy server Proxy servers fulfil several purposes – when they are located at thesame site as the client, they reduce network delays and network traffic When they are at the same site as theserver, they form a security checkpoint (see pp 107 and 271) and they can reduce load on the server.N.B DNS servers are also involved in all of the application architectures described below, but they ore omittedfrom the discussion for clarity
Distributed Systems: Concepts and Design
Edition 3
By George Coulouris, Jean Dollimore and Tim Kindberg Addison-Wesley, ©Pearson Education 2001.
Proxy server
server Browser
DNS server
DNS server
HTTP
DNS
Trang 8Posting news articles: User Agent (the user’s news composing program) is a client of a local NNTP server andpasses each outgoing article to the NNTP server for delivery Each article is assigned a unique identifier EachNNTP server holds a list of other NNTP servers for which it is a newsfeed – they are registered to receivearticles from it It periodically contacts each of the registered servers, delivers any new articles to them andrequests any that they have which it has not (using the articles’ unique id’s to determine which they are) Toensure delivery of every article to every Netnews destination, there must be a path of newsfeed connectionsfrom that reaches every NNTP server
Browsing/reading articles: User Agent (the user’s news reading program) is a client of a local NNTP server.The User Agent requests updates for all of the newsgroups to which the user subscribes and presents them tothe user
IMAP server
POP server
User agent
SMTP
Sending messages:
SMTP server
Local file server
NFS
User agent
Sender’s intranet Recipient’s mailhost intranet
Reading messages:
Local file server
Recipient’s mailhost intranet
User agent POP
NFS protocol
User agent IMAP
User agent
SMTP
NFS
Posting news articles :
NNTP server
User agent
User agent
NNTP
Browsing/reading articles :
NNTP server
NNTP server
NNTP server
NNTP server NNTP
server
NNTP server
NNTP server
User agent
User agent
NNTP
Trang 92.2 For the applications discussed in Exercise 2.1 state how the servers cooperate in providing a
service
2.2 Ans.
Web: Web servers cooperate with Proxy servers to minimize network traffic and latency Responsibility forconsistency is taken by the proxy servers - they check the modification dates of pages frequently with theoriginating web server
Mail: SMTP servers do not necessarily hold mail delivery routing tables to all destinations Instead, theysimply route messages addressed to unknown destinations to another server that is likely to have the relevanttables
Netnews: All NNTP servers cooperate in the manner described above to provide the newsfeed mechanism
2.3 How do the applications discussed in Exercise 2.1 involve the partitioning and/or replication (or
caching) of data amongst servers?
Mail: Messages are stored only at their destinations That is, the mail service is based mainly on partitioning,although a message to multiple recipients is replicated at several destinations
Netnews: Each group is replicated only at sites requiring it
2.4 A search engine is a web server that responds to client requests to search in its stored indexes and
(concurrently) runs several web crawler tasks to build and update the indexes What are the
requirements for synchronization between these concurrent activities?
2.4 Ans.
The crawler tasks could build partial indexes to new pages incrementally, then merge them with the activeindex (including deleting invalid references) This merging operation could be done on an off-line copy.Finally, the environment for processing client requests is changed to access the new index The latter mightneed some concurrency control, but in principle it is just a change to one reference to the index which should
be atomic
2.5 Suggest some applications for the peer process model, distinguishing between cases when the state
of all peers needs to be identical and cases that demand less consistency
2.5 Ans.
Cooperative work (groupware) applications that provide a peer process near to each user
Applications that need to present all users with identical state - shared whiteboard, shared view of a textualdiscussion
Less consistency: where a group of users are working on a shared document, but different users accessdifferent parts or perhaps one user locks part of the document and the others are shown the new versionwhen it is ready
Some services are effectively groups of peer processes to provide availability or fault tolerance If theypartition data then they don’t need to keep consistent at all If they replicate then they do
Trang 102.6 List the types of local resource that are vulnerable to an attack by an untrusted program that is
downloaded from a remote site and run in a local computer
It may also impersonate the user in various ways, for example, sending/receiving email
2.7 Give some examples of applications where the use of mobile code is beneficial
2.7 Ans.
Doing computation close to the user, as in Applets example
Enhancing browser- as described on page 70 e.g to allow server initiated communication
Cases where objects are sent to a process and the code is required to make them usable (e.g as in RMI inChapter 5)
2.8 What factors affect the responsiveness of an application that accesses shared data managed by a
server? Describe remedies that are available and discuss their usefulness
2.9 Distinguish between buffering and caching
2.9 Ans.
Buffering: a technique for storing data transmitted from a sending process to a receiving process in localmemory or secondary (disk) storage until the receiving process is ready to consume it For example, whenreading data from a file or transmitting messages through a network, it is beneficial to handle it in large blocks.The blocks are held in buffer storage in the receiving process’ memory space The buffer is released when thedata has been consumed by the process
Caching: a technique for optimizing access to remote data objects by holding a copy of them in local memory
or secondary (disk) storage Accesses to parts of the remote object are translated into accesses to thecorresponding parts of the local copy Unlike buffering, the local copy may be retained as long as there is localmemory available to hold it A cache management algorithm and a release strategy are needed to manage theuse of the memory allocated to the cache (If we interpret the word ‘remote’ in the sense of ‘further from theprocessor’, then this definition is valid not only for client caches in distributed systems but also for disk blockcaches in operating systems and processor caches in cpu chips.)
Trang 112.10 Give some examples of faults in hardware and software that can/cannot be tolerated by the use of
redundancy in a distributed system To what extent does the use of redundancy in the appropriate
cases make a system fault-tolerant?
Redundancy makes faults less likely to occur e.g if the probability of failure in a single component is p thenthe probability of a single independent failure in k replicas is pk
2.11 Consider a simple server that carries out client requests without accessing other servers Explain
why it is generally not possible to set a limit on the time taken by such a server to respond to a
client request What would need to be done to make the server able to execute requests within a
bounded time? Is this a practical option?
2.11 Ans.
The rate of arrival of client requests is unpredictable
If the server uses threads to execute the requests concurrently, it may not be able to allocate sufficienttime to a particular request within any given time limit
If the server queues the request and carries them out one at a time, they may wait in the queue for anunlimited amount of time
To execute requests within bounded time, limit the number of clients to suit its capacity To deal with moreclients, use a server with more processors After that, (or instead) replicate the service
The solution may be costly and in some cases keeping the replicas consistent may take up useful processingcycles, reducing those available for executing requests
2.12 For each of the factors that contribute to the time taken to transmit a message between two
processes over a communication channel, state what measures would be needed to set a bound on
its contribution to the total time Why are these measures not provided in current general-purpose
distributed systems?
2.12 Ans.
Time taken by OS communication services in the sending and receiving processes - these tasks would need to
be guaranteed sufficient processor cycles
Time taken to access network The pair of communicating processes would need to be given guaranteednetwork capacity
The time to transmit the data is a constant once the network has been accessed
To provide the above guarantees we would need more resources and associated costs The guaranteesassociated with accessing the network can for example be provided with ATM networks, but they areexpensive for use as LANs
To give guarantees for the processes is more complex For example, for a server to guarantee to receiveand send messages within a time limit would mean limiting the number of clients
2.13 The Network Time Protocol service can be used to synchronize computer clocks Explain why,
even with this service, no guaranteed bound given for the difference between two clocks
Trang 122.13 Ans.
Any client using the ntp service must communicate with it by means of messages passed over a communicationchannel If a bound can be set on the time to transmit a message over a communication channel, then thedifference between the client’s clock and the value supplied by the ntp service would also be bounded Withunbounded message transmission time, clock differences are necessarily unbounded
2.14 Consider two communication services for use in asynchronous distributed systems In service A,
messages may be lost, duplicated or delayed and checksums apply only to headers In service B,
messages may be lost delayed or delivered too fast for the recipient to handle them, but those that
are delivered arrive order and with the correct contents
Describe the classes of failure exhibited by each service Classify their failures according to their
effect on the properties of validity and integrity Can service B be described as a reliable
omission failures (lost messages)
Because the distributed system in which it is used is asynchronous, it cannot suffer from timing failures.Validity - is denied by lost messages
Integrity - is denied by corrupted messages and duplicated messages
Service B can have:
omission failures (lost messages, dropped messages)
Because the distributed system in which it is used is asynchronous, it cannot suffer from timing failures
It passes the integrity test, but not the validity test, therefore it cannot be called reliable
2.15 Consider a pair of processes X and Y that use the communication service B from Exercise 2.14 to
communicate with one another Suppose that X is a client and Y a server and that an invocation
consists of a request message from X to Y (that carries out the request) followed by a reply
message from Y to X Describe the classes of failure that may be exhibited by an invocation
2.15 Ans.
An invocation may suffer from the following failures:
• crash failures: X or Y may crash Therefore an invocation may suffer from crash failures
• omission failures: as SB suffers from omission failures the request or reply message may be lost
2.16 Suppose that a basic disk read can sometimes read values that are different from those written
State the type of failure exhibited by a basic disk read Suggest how this failure may be masked in
order to produce a different benign form of failure Now suggest how to mask the benign failure
2.16 Ans.
The basic disk read exhibit arbitrary failures
This can be masked by using a checksum on each disk block (making it unlikely that wrong values will
go undetected) - when an incorrect value is detected, the read returns no value instead of a wrong value - anomission failure
The omission failures can be masked by replicating each disk block on two independent disks (Makingomission failures unlikely)
Trang 13
2.17 Define the integrity property of reliable communication and list all the possible threats to integrity
from users and from system components What measures can be taken to ensure the integrity
property in the face of each of these sources of threats
2.17 Ans.
Integrity - the message received is identical to the one sent and no messages are delivered twice
threats from users:
• injecting spurious messages, replaying old messages, altering messages during transmissionthreats from system components:
• messages may get corrupted en route
• messages may be duplicated by communication protocols that retransmit messages
For threats from users - at the Chapter 2 stage they might just say use secure channels If they have looked atChapter 7 they may be able to suggest the use of authentication techniques and nonces
For threats from system components Checksums to detect corrupted messages - but then we get a validityproblem (dropped message) Duplicated messages can be detected if sequence numbers are attached tomessages
2.18 Describe possible occurrences of each of the main types of security threat (threats to processes,
threats to communication channels, denial of service) that might occur in the Internet
2.18 Ans.
Threats to processes: without authentication of principals and servers, many threats exist An enemy couldaccess other user’s files or mailboxes, or set up ‘spoof’ servers E.g a server could be set up to ‘spoof’ a bank’sservice and receive details of user’s financial transactions
Threats to communication channels: IP spoofing - sending requests to servers with a false source address, in-the-middle attacks
man-Denial of service: flooding a publicly-available service with irrelevant messages
Trang 14Chapter 3 Exercise Solutions
3.1 A client sends a 200 byte request message to a service, which produces a response containing 5000bytes Estimate the total time to complete the request in each of the following cases, with theperformance assumptions listed below:
i) Using connectionless (datagram) communication (for example, UDP);
ii) Using connection-oriented communication (for example, TCP);
iii) The server process is in the same machine as the client
[Latency per packet (local or remote, incurred on both send and receive):5 milliseconds Connection setup time (TCP only):5 milliseconds Data transfer rate:10 megabits per second MTU:1000 bytes
Server request processing time:2 milliseconds Assume that the network is lightly loaded.]
3.1 Ans.
The send and receive latencies include (operating system) software overheads as well as network delays.Assuming that the former dominate, then the estimates are as below If network overheads dominate,then the times may be reduced because the multiple response packets can be transmitted and receivedright after each other
i) UDP: 5 + 2000/10000 + 2 + 5(5 + 10000/10000) = 37.2 milliseconds ii) TCP: 5 + 5 + 2000/10000 + 2 + 5(5 + 10000/10000) = 42.2 milliseconds iii)same machine: the messages can be sent by a single in memory copy; estimate interprocess data transferrate at 40 megabits/second Latency/message ~5 milliseconds Time for server call:
a router than has more complete routing information, until one is encountered that has a specific entry for therelevant network id
3.3 What is the task of an Ethernet switch? What tables does it maintain?
Trang 15addresses from the source address fields on each network The switch receives all the packets transmitted onthe Ethernets to which it is connected It looks up the destination of each packet in its routing tables If thedestination is not found, the destination host must be one about which the switch has not yet learned and thepacket must be forwarded to all the connected networks to ensure delivery If the destination address is on thesame Ethernet as the source, the packet is ignored, since it will be delivered directly In all other cases, theswitch tranmits the packet on the destination host’s network, determined from the routing information.
3.4 Make a table similar to Figure 3.5 describing the work done by the software in each protocol layer
when Internet applications and the TCP/IP suite are implemented over an Ethernet
3.4 Ans.
3.5 How has the end-to-end argument [Saltzer et al. 1984] been applied to the design of the Internet?
Consider how the use of a virtual circuit network protocol in place of IP would impact the
feasibility of the World Wide Web
3.5 Ans.
Quote from [www.reed.com]: This design approach has been the bedrock under the Internet's design The mail and web (note they are now lower-case) infrastructure that permeates the world economy would not havebeen possible if they hadn't been built according to the end-to-end principle Just remember: underlying a webpage that comes up in a fraction of a second are tens or even hundreds of packet exchanges with manyunrelated computers If we had required that each exchange set up a virtual circuit registered with each router
e-on the network, so that the network could track it, the overhead of registering circuits would dominate the cost
of delivering the page Similarly, the decentralized administration of email has allowed the development of listservers and newsgroups which have flourished with little cost or central planning
3.6 Can we be sure that no two computers in the Internet have the same IP addresses?
3.6 Ans.
This depends upon the allocation of network ids to user organizations by the Network Information Center(NIC) Of course, networks with unauthorized network ids may become connected, in which case therequirement for unique IP addresses is broken
3.7 Compare connectionless (UDP) and connection-oriented (TCP) communication for the
implementation of each of the following application-level or presentation-level protocols:
i) virtual terminal access (for example, Telnet);
ii) file transfer (for example, FTP);
iii) user location (for example, rwho, finger);
iv) information browsing (for example, HTTP);
Application Protocols that are designed to meet the communication requirements of
specific applications, often defining the interface to a service network representation that is independent of the representations used in individual computers Encryption is performed in this layer
HTTP, FTP, SMTP, CORBA IIOP, Secure Sockets Layer, CORBA Data Rep Transport UDP: checksum validation, delivery to process ports TCP: segmentation, flow
control, acknowledgement and reliable delivery.
TCP, UDP
Network IP addresses translated to Ethernet addresses (using ARP) IP packets
segmented into Ether packets.
Trang 16v) remote procedure call.
3.7 Ans.
i) The long duration of sessions, the need for reliability and the unstructured sequences of characterstransmitted make connection-oriented communication most suitable for this application Performance isnot critical in this application, so the overheads are of little consequence
ii) File calls for the transmission of large volumes of data Connectionless would be ok if error rates are lowand the messages can be large, but in the Internet, these requirements aren’t met, so TCP is used.iii)Connectionless is preferable, since messages are short, and a single message is sufficient for eachtransaction
iv)Either mode could be used The volume of data transferred on each transaction can be quite large, soTCP is used in practice
v) RPC achieves reliability by means of timeouts and re-trys so connectionless (UDP) communication isoften preferred
3.8 Explain how it is possible for a sequence of packets transmitted through a wide area network to
arrive at their destination in an order that differs from that in which they were sent Why can’t this
happen in a local network? Can it happen in an ATM network?
3.8 Ans.
Packets transmitted through a store-and-forward network travels by a route that is determined dynamically foreach packet Some routes will have more hops or slower switches than others Thus packets may overtake eachother Connection-oriented protocols such as TCP overcome this by adding sequence numbers to the packetsand re-ordering them at the receiving host
It can’t happen in local networks because the medium provides only a single channel connecting all ofthe hosts on the network Packets are therefore transmitted and received in strict sequence
It can’t happen in ATM networks because they are connection-oriented Transmission is always throughvirtual channels, and VCs guarantee to deliver data in the order in which it is transmitted
3.9 A specific problem that must be solved in remote terminal access protocols such as Telnet is the
need to transmit exceptional events such as ‘kill signals’ from the ‘terminal’ to the host in advance
of previously-transmitted data Kill signals should reach their destination ahead of any other
ongoing transmissions Discuss the solution of this problem with connection-oriented and
With connectionless protocols, the process at the sender simply recognizes the event and sends amessage containing a kill signal in the next outgoing packet The message must be resent until the receivingprocess acknowledges it
3.10 What are the disadvantages of using network-level broadcasting to locate resources:
Trang 17note that the Internet ARP does rely on Ethernet braodcasting The trick is that it doesn’t do it very often - justonce for each host to locate other hosts on the local net that it needs to communicate with.
ii Broadcasting is hardly feasible in a large-scale network such as the Internet It might just be possible
in an intranet, but ought to be avoided for the reasons given above
Ethernet multicast addresses are matched in the Ethernet controller Multicast message are passed up tothe OS only for addresses that match multicast groups the local host is subscribing to If there are several such,the address can be used to discriminate between several daemon processes to choose one to handle eachmessage
3.11 Suggest a scheme that improves on MobileIP for providing access to a web server on a mobile
device which is sometimes connected to the Internet by mobile phone and at other times has a
wired connection to the Internet at one of several locations
3.11 Ans.
The idea is to exploit the cellular phone system to locate the mobile device and to give the IP address of itscurrent location to the client
3.12 Show the sequence of changes to the routing tables in Figure 3.8 that would occur (according to
the RIP algorithm given in Figure 3.9) after the link labelled 3 in Figure 3.7 is broken
3.12 Ans.
Routing tables with changes shown in red (grey in monochrome printouts):
Step 1: costs for routes that use Link 3 have been set to ∞ at A, D
ABCDE
local1131
012
∞
2
ABCDE
1local214
10121
ABCDE
22local55
21021
Routings from D Routings from E
ABCDE
336local6
∞
∞
201
ABCDE
4456local
21110Step 2: after first exchange of routing tables
ABCDE
local1131
012
∞
2
ABCDE
1local214
101
∞
1
ABCDE
22local55
21021
Routings from D Routings from E
ABCDE
336local6
∞
∞
201
ABCDE
4456local
21110
Trang 18
3.13 Use the diagram in Figure 3.13 as a basis for an illustration showing the segmentation and
encapsulation of an HTTP request to a server and the resulting reply Assume that request is a short
HTTP message, but the reply includes at least 2000 bytes of html
3.13 Ans.
Left to the reader
3.14 Consider the use of TCP in a Telnet remote terminal client How should the keyboard input be
buffered at the client? Investigate Nagle’s and Clark’s algorithms [Nagle 1984, Clark 1982] for
flow control and compare them with the simple algorithm described on page 103 when TCP is
used by (a) a web server, (b) a Telnet application, (c) a remote graphical application with
continuous mouse input
Step 3: after second exchange of routing tables
ABCDE
local1131
012
∞
2
ABCDE
1local244
101
2
1
ABCDE
22local55
21021
Routings from D Routings from E
ABCDE
666local6
32
201
ABCDE
4456local
21110Step 4: after third exchange of routing tables
ABCDE
local1111
012
3
2
ABCDE
1local244
101
2
1
ABCDE
22local55
21021
Routings from D Routings from E
ABCDE
666local6
32
201
ABCDE
4456local
21110
Trang 193.14 Ans.
The basic TCP buffering algorithm described on p 105 is not very efficient for interactive input Nagle’salgorithm is designed to address this It requires the sending machine to send any bytes found in the outputbuffer, then wait for an acknowledgement Whenever an acknowledgement is received, any additionalcharacters in the buffer are sent The effects of this are:
a) For a web server: the server will normally write a whole page of HTML into the buffer in a single write.When the write is completed, Nagle’s algorithm will send the data immediately, whereas the basicalgorithm would wait 0.5 seconds While the Nagle’s algorithm is waiting for an acknowledgement, theserver process can write additional data (e.g image files) into the buffer They will be sent as soon asthe acknowledgement is received
b) For a remote shell (Telnet) application: the application will write individual key strokes into the buffer(and in the normal case of full duplex terminal interaction they are echoed by the remote host to theTelnet client for display) With the basic algorithm, full duplex operation would result in a delay of 0.5seconds before any of the characters typed are displayed on the screen With Nagle’s algorithm, the firstcharacter typed is sent immediately and the remote host echoes it with an acknowledgement piggy-backed in the same packet The acknowledgement triggers the sending of any further characters thathave been typed in the intervening period So if the remote host responds sufficiently rapidly, the display
of typed characters appears to be instantaneous But note that a badly-written remote application thatreads data from the TCP buffer one character at a time can still cause problems - each read will result in
an acknowledgement indicating that one further character should be sent - resulting in the transmission
of an entire IP frame for each character Clarke [1982] called this the silly window syndrome Hissolution is to defer the sending of acknowledgements until there is a substantial amount of free spaceavailable
c) For a continuous mouse input (e.g sending mouse positions to an X-Windows application running on acompute server): this is a difficult form of input to handle remotely The problem is that the user shouldsee a smooth feedbvack of the path traced by the mouse, with minimal lag Neither the basic TCPalgorithm nor Nagle’s nor Clarke’s algorithm achieves this very well A version of the basic algorithmwith a short timeout (0.1 seconds) is the best that can be done, and this is effective when the network islightly loaded and has low end-to-end latency - conditions that can be guaranteed only on local networkswith controlled loads
See Tanenbaum [1996] pp 534-5 for further discussion of this
3.15 Construct a network diagram similar to Figure 3.10 for the local network at your institution or
company
3.15 Ans.
Left to the reader
3.16 Describe how you would configure a firewall to protect the local network at your institution or
company What incoming and outgoing requests should it intercept?
3.16 Ans.
Left to the reader
3.17 How does a newly-installed personal computer connected to an Ethernet discover the IP addresses
of local servers? How does it translate them to Ethernet addresses?
3.17 Ans.
The first part of the question is a little misleading Neither Ethernet nor the Internet support ‘discovery’services as such A newly-installed computer must be configured with the domain names of any servers that itneeds to access The only exception is the DNS Services such as BootP and DHCP enable a newly-connectedhost to acquire its own IP address and to obtain the IP addresses of one ore more local DNS servers To obtainthe IP addresses of other servers (e.g SMTP, NFS, etc.) it must use their domain names In Unix, the nslookup
command can be used to examine the database of domain names in the local DNS servers and a user can selectapproriate ones for use as servers.The domain names are translated to IP addresses by a simple DNS request
Trang 20The Address Resolution Protocol (ARP) provides the answer to the second part of the question This isdescribed on pages 95-6 Each network type must implement ARP in its own way The Ethernet and relatednetworks use the combination of broadcasting and caching of the results of previous queries described on page96.
3.18 Can firewalls prevent denial of service attacks such as the one described on page 96? What other
methods are available to deal with such attacks?
3.18 Ans.
Since a firewall is simply another computer system placed in front of some intranet services that requireprotection, it is unlikely to be able to prevent denial of service (DoS) attacks for two reasons:
• The attacking traffic is likely to closely resemble real service requests or responses
• Even if they can be recognized as malicious (and they could be in the case described on p 96), asuccessful attack is likely to produce malicious messages in such large quantities that the firewall itself
is likely to be overwhelemed and become a bottleneck, preventing communication with the services that
to enforce these resource allocations However, this approach has not yet been fully worked out
Trang 21Chapter 4 Exercise Solutions
4.1 Is it conceivably useful for a port to have several receivers?
Note that a port group may be used to allow several processes to receive the same message
4.2 A server creates a port which it uses to receive requests from clients Discuss the design issuesconcerning the relationship between the name of this port and the names used by clients
4.2 Ans.
The main design issues for locating server ports are:
(i) How does a client know what port and IP address to use to reach a service?
The options are:
• use a name server/binder to map the textual name of each service to its port;
• each service uses well-known location-independent port id, which avoids a lookup at a name server The operating system still has to look up the whereabouts of the server, but the answer may be cached locally (ii) How can different servers offer the service at different times?
Location-independent port identifiers allow the service to have the same port at different locations If a binder
is used, the client needs to reconsult the client to find the new location
(iii) Efficiency of access to ports and local identifiers
Sometimes operating systems allow processes to use efficient local names to refer to ports This becomes anissue when a server creates a non-public port for a particular client to send messages to, because the local name
is meaningless to the client and must be translated to a global identifier for use by the client
4.3 The programs in Figure 4.3 and Figure 4.4 are available on cdk3.net/ipc Use them to make a testkit to determine the conditions in which datagrams are sometimes dropped Hint: the client programshould be able to vary the number of messages sent and their size; the server should detect when amessage from a particular client is missed
4.3 Ans.
For a test of this type, one process sends and another receives Modify the program in Figure 4.3 so that theprogram arguments specify i) the server’s hostname ii) the server port, iii) the number, n of messages to besent and iv) the length, l of the messages If the arguments are not suitable, the program should exitimmediately The program should open a datagram socket and then send n UDP datagram messages to the
Distributed Systems: Concepts and Design
Edition 3
By George Coulouris, Jean Dollimore and Tim Kindberg Addison-Wesley, ©Pearson Education 2001.
Trang 22server Message i should contain the integer i in the first four bytes and the character ‘*’ in the remaining l-4bytes It does not attempt to receive any messages.
Take a copy of the program in Figure 4.4 and modify it so that the program argument specifies the server port.The program should open a socket on the given port and then repeatedly receive a datagram message It shouldcheck the number in each message and report whenever there is a gap in the sequence of numbers in themessages received from a particular client
Run these two programs on a pair of computers and try to find out the conditions in which datagrams aredropped, e.g size of message, number of clients
4.4 Use the program in Figure 4.3 to make a client program that repeatedly reads a line of input from
the user, sends it to the server in a UDP datagram message, then receives a message from the
server The client sets a timeout on its socket so that it can inform the user when the server does
not reply Test this client program with the server in Figure 4.4
4.4 Ans.
The program is as Figure 4.4 with the following amendments:
DatagramSocket aSocket = new DatagramSocket();
aSocket.setSoTimeout(3000);// in milliseconds while (// not eof) {
}catch (InterruptedIOException e){System.out.println("server not responding”);}
4.5 The programs in Figure 4.5 and Figure 4.6 are available at cdk3.net/ipc Modify them so that the
client repeatedly takes a line of user’s input and writes it to the stream and the server reads
repeatedly from the stream, printing out the result of each read Make a comparison between
sending data in UDP datagram messages and over a stream
4.6 Use the programs developed in Exercise 4.5 to test the effect on the sender when the receiver
crashes and vice-versa
4.6 Ans.
Run them both for a while and then kill first one and then the other When the reader process crashes, the writergets IOException - broken pipe When writer process crashes, the reader gets EOF exception
4.7 Sun XDR marshals data by converting it into a standard big-endian form before transmission
Discuss the advantages and disadvantages of this method when compared with CORBA’s CDR
4.7 Ans.
The XDR method which uses a standard form is inefficient when communication takes place between pairs ofsimilar computers whose byte orderings differ from the standard It is efficient in networks in which the byte-
Trang 23ordering used by the majority of the computers is the same as the standard form The conversion by sendersand recipients that use the standard form is in effect a null operation.
In CORBA CDR senders include an identifier in each message and recipients to convert the bytes to theirown ordering if necessary This method eliminates all unnecessary data conversions, but adds complexity inthat all computers need to deal with both variants
4.8 Sun XDR aligns each primitive value on a four byte boundary, whereas CORBA CDR aligns a
primitive value of size n on an n-byte boundary Discuss the trade-offs in choosing the sizes
occupied by primitive values
4.8 Ans.
Marshalling is simpler when the data matches the alignment boundaries of the computers involved Fourbytes is large enough to support most architectures efficiently, but some space is wasted by smaller primitivevalues The hybrid method of CDR is more complex to implement, but saves some space in the marshalledform Although the example in Figure 4.8 shows that space is wasted at the end of each string because thefollowing long is aligned on a 4- byte boundary
4.9 Why is there no explicit data-typing in CORBA CDR?
4.9 Ans.
The use of data-typing produces costs in space and time The space costs are due to the extra type information
in the marshalled form (see for example the Java serialized form) The performance cost is due to the need tointerpret the type information and take appropriate action
The RMI protocol for which CDR is designed is used in a situation in which the target and the invokerknow what type to expect in the messages carrying its arguments and results Therefore type information isredundant It is of course possible to build type descriptors on top of CDR, for example by using simple strings
4.10 Write an algorithm in pseudocode to describe the serialization procedure described in Section
4.3.2 The algorithm should show when handles are defined or substituted for classes and
instances Describe the serialized form that your algorithm would produce when serializing an
instance of the following class Couple
class Couple implements Serializable{
private Person one;
private Person two;
public Couple(Person a, Person b) { one = a;
two = b;
} }
4.10 Ans.
The algorithm must describe serialization of an object as writing its class information followed by the namesand types of the instance variables.Then serialize each instance variable recursively
Trang 24for (iv = 0 to n-1)
if (primitive(iv) ) write ivelse serialize( iv)
}write object_handle
}
To describe the serialized form that your algorithm would produce when serializing an instance of
the class Couple
For example declare an instance of Couple as
Couple t1 = new Couple(new Person("Smith", "London", 1934), new Person("Jones", "Paris", 1945));
The output will be:
4.11 Write an algorithm in pseudocode to describe deserialization of the serialized form produced by
the algorithm defined in Exercise 4.10 Hint: use reflection to create a class from its name, to create
a constructor from its parameter types and to create a new instance of an object from the
constructor and the argument values
4.11 Ans.
Whenever a handle definition is read, i.e a class_info, handle correspondence or an object, handlecorrespondence, store the pair by method map When a handle is read look it up to find the corresponding class
or object
Couple 8 byte version number h0 class name, version number,
of Couple values of instance variables
Trang 25Object deserialize(byte [] stream) {Constructor aConstructor;
read class_name and class_handle;
if (class_information == null) aConstructor = lookup(class_handle);
else {Class cl = Class.forName(class_name);
read number (n) of instance variables Class parameterTypes[]= new Class[n];
for (int i=0 to n-1) {read name and class_name of instance variable iparameterTypes[i] = Class.forName(class_name);
}aConstructor = cl.getConstructor(parameterTypes);
map(aConstructor, class_handle);
}
if (next item in stream is object_handle) o = lookup(object_handle);
else {Object args[] = new Object[n];
for (int i=0 to n-1) {
if (next item in stream is primitive) args[i] = read valueelse args[i] = deserialize(//rest of stream)
}Object o = cnew.newInstance(args);
read object_handle from streammap(object, object_handle)return o;
}}
4.12 Define a class whose instances represent remote object references It should contain information
similar to that shown in Figure 4.10 and should provide access methods needed by the
request-reply protocol Explain how each of the access methods will be used by that protocol Give a
justification for the type chosen for the instance variable containing information about the
interface of the remote object
4.12 Ans.
class RemoteObjectReference{
private InetAddress ipAddress;
private int port;
private int time;
private int objectNumber;
private Class interface;
public InetAddress getIPaddress() ( return ipAddress;}
public int getPort() { return port;);
}
The server looks up the client port and IP address before sending a reply
The variable interface is used to recognize the class of a remote object when the reference is passed as
an argument or result Chapter 5 explains that proxies are created for communication with remote objects Aproxy needs to implement the remote interface If the proxy name is constructed by adding a standard suffix
to the interface name and all we need to do is to construct a proxy from a class already available, then its stringname is sufficient However, if we want to use reflection to construct a proxy, an instance of Class would beneeded CORBA uses a third alternative described in Chapter 17
4.13 Define a class whose instances represent request and reply messages as illustrated in Figure 4.13
The class should provide a pair of constructors, one for request messages and the other for reply
messages, showing how the request identifier is assigned It should also provide a method to
marshal itself into an array of bytes and to unmarshal an array of bytes into an instance
Trang 264.13 Ans.
private static int next = 0;
private int type private int requestId;
private RemoteObjectRef o;
private int methodId;
private byte arguments[];
public RequestMessage( RemoteObjectRef aRef,
int aMethod, byte[] args){
// converts itself into an array of bytes and returns it
} public RequestMessage unmarshall(byte [] message) {
// converts array of bytes into an instance of this class and returns it
} public int length() { // returns length of marshalled state} public int getID(){ return requestId;}
public byte[] getArgs(){ return arguments;}
}
4.14 Program each of the three operations of the request-reply protocol in Figure 4.123, using UDP
communication, but without adding any fault-tolerance measures You should use the classes you
defined in Exercise 4.12 and Exercise 4.13
4.14 Ans.
class Client{
DatagramSocket aSocket ; public static messageLength = 1000;
Client(){
aSocket = new DatagramSocket();
} public byte [] doOperation(RemoteObjectRef o, int methodId, byte [] arguments){
InetAddress serverIp = o.getIPaddress();
int serverPort = o.getPort();
RequestMessage rm = new RequestMessage(0, o, methodId, arguments );
byte [] message = rm.marshall();
DatagramPacket request = new DatagramPacket(message,message.length(0,serverIp, serverPort);
try{
aSocket.send(request);
byte buffer = new byte[messageLength];
DatagramPacket reply = new DatagramPacket(buffer, buffer.length);
aSocket.receive(reply);
return reply;
}catch (SocketException e){ }
} ] Class Server{
Trang 27private int serverPort = 8888;
public static int messageLength = 1000;
DatagramSocket mySocket;
public Server(){
mySocket = new DatagramSocket(serverPort);
// repeatedly call GetRequest, execute method and call SendReply }
public byte [] getRequest(){
byte buffer = new byte[messageLength];
DatagramPacket request = new DatagramPacket(buffer, buffer.length);
byte buffer = rm.marshall();
DatagramPacket reply = new DatagramPacket(buffer, buffer.length);
mySocket.send(reply);
} }
4.15 Give an outline of the server implementation showing how the operations getRequest and
sendReply are used by a server that creates a new thread to execute each client request Indicate
how the server will copy the requestId from the request message into the reply message and how
it will obtain the client IP address and port
4.15 Ans.
class Server{
private int serverPort = 8888;
public static int messageLength = 1000;
DatagramSocket mySocket;
public Server(){
mySocket = new DatagramSocket(serverPort);
while(true){
byte [] request = getRequest();
Worker w = new Worker(request);
} } public byte [] getRequest(){
//as above}
public void sendReply(byte[]reply, InetAddress clientHost, int clientPort){
// as above}
} class Worker extends Thread { InetAddress clientHost;
try{
req = request.unmarshal();
byte [] args = req.getArgs();
//unmarshall args, execute operation, // get results marshalled as array of bytes in result
Trang 28RequestMessage rm = new RequestMessage( requestId, result);
reply = rm.marshal();
sendReply(reply, clientHost, clientPort );
}catch { } }
}
4.16 Define a new version of the doOperation method that sets a timeout on waiting for the reply
message After a timeout, it retransmits the request message n times If there is still no reply, it
informs the caller
4.16 Ans.
With a timeout set on a socket, a receive operation will block for the given amount of time and then an
InterruptedIOException will be raised
In the constructor of Client, set a timeout of say, 3 seconds
Client(){
aSocket = new DatagramSocket();
aSocket.setSoTimeout(3000);// in milliseconds }
In doOperation, catch InterruptedIOException Repeatedly send the Request message and try to receive areply, e.g 3 times If there is no reply, return a special value to indicate a failure
public byte [] doOperation(RemoteObjectRef o, int methodId, byte [] arguments){
InetAddress serverIp = o.getIPaddress();
int serverPort = o.getPort();
RequestMessage rm = new RequestMessage(0, o, methodId, arguments );
byte [] message = rm.marshall();
DatagramPacket request = new DatagramPacket(message,message.length(0, serverIp, serverPort);
for(int i=0; i<3;i++){
try{
aSocket.send(request);
byte buffer = new byte[messageLength];
DatagramPacket reply = new DatagramPacket(buffer, buffer.length);
aSocket.receive(reply);
return reply;
}catch (SocketException e){);
} catch (InterruptedIOException e){}
} return null;
When the client sends a subsequent request it will receive the reply from the earlier call as a result If requestidentifiers are copied from request to reply messages, the client can reject the reply to the earlier message
4.18 Describe the ways in which the request-reply protocol masks the heterogeneity of operating
systems and of computer networks
Trang 29[In addition it may be implemented over either TCP or UDP.]
4.19 Discuss whether the following operations are idempotent:
• Pressing a lift (elevator) request button;
• Writing data to a file;
• Appending data to a file
Is it a necessary condition for idempotence that the operation should not be associated with any
The question of the relationship between idempotence and server state requires some careful clarification It
is a necessary condition of idempotence that the effect of an operation is independent of previous operations.Effects can be conveyed from one operation to the next by means of a server state such as a read-write pointer
or a bank balance Therefore it is a necessary condition of idempotence that the effects of an operation shouldnot depend on server state Note however, that the idempotent file write operation does change the state of afile
4.20 Explain the design choices that are relevant to minimizing the amount of reply data held at a
server Compare the storage requirements when the RR and RRA protocols are used
4.20 Ans.
To enable reply messages to be re-transmitted without re-executing operations, a server must retain the lastreply to each client When RR is used, it is assumed that a request message is an acknowledgement of the lastreply message Therefore a reply message must be held until a subsequent request message arrives from thesame client The use of storage can be reduced by applying a timeout to the period during which a reply isstored The storage requirement for RR = average message size x number of clients that have made requestssince timeout period When RRA is used, a reply message is held only until an acknowledgement arrives.When an acknowledgment is lost, the reply message will be held as for the RR protocol
4.21 Assume the RRA protocol is in use How long should servers retain unacknowledged reply data?
Should servers repeatedly send the reply in an attempt to receive an acknowledgement?
4.21 Ans.
The timeout period for storing a reply message is the maximum time that it is likely for any client to a transmit a request message There is no definite value for this, and there is a trade-off between safety and bufferspace In the case of RRA, reply messages are generally discarded before the timeout period has expiredbecause an acknowledgement is received Suppose that a server using RRA re-transmits the reply messageafter a delay and consider the case where the client has sent an acknowledgement which was late or lost Thisrequires (i) the client to recognise duplicate reply messages and send corresponding extra acknowledgementsand (ii) the server to handle delayed acknowledgments after it has re-transmitted reply messages This possibleimprovement gives little reduction in storage requirements (corresponding to the occasional lostacknowledgement message) and is not convenient for the single threaded client which may be otherwiseoccupied and not be in a position to send further acknowledgements
Trang 30re-4.22 Why might the number of messages exchanged in a protocol be more significant to performance
than the total amount of data sent? Design a variant of the RRA protocol in which the
acknowledgement is piggy-backed on, that is, transmitted in the same message as, the next request
where appropriate, and otherwise sent as a separate message (Hint: use an extra timer in the
client.)
4.22 Ans.
The time for the exchange of a message = A + B* length, where A is the fixed processing overhead and B isthe rate of transmission A is large because it represents significant processing at both sender and receiver; thesending of data involves a system call; and the arrival of a message is announced by an interrupt which must
be handled and the receiving process is scheduled Protocols that involve several rounds of messages tend to
be expensive because of paying the A cost for every message
The new version of RRA has:
The client always sends an acknowledgement, but it is piggy-backed on the next request if one arises in thenext T seconds It sends a separate acknowledgement if no request arises Each time the server receives arequest or an acknowledgement message from a client, it discards any reply message saved for that client
4.23 IP multicast provides a service that suffers from omission failures Make a test kit, possibly based
on the program in Figure 4.17, to discover the conditions under which a multicast message is
sometimes dropped by one of the members of the multicast group The test kit should be designed
to allow for multiple sending processes
4.23 Ans.
The program in Figure 4.17 should be altered so that it can run as a sender or just a receiver A programargument could specify its role As in Exercise 4.3 the number of messages and their size should be variableand a sequence number should be sent with each one Each recipient records the last sequence number fromeach sender (sender IP address can be retrieved from datagrams) and prints out any missing sequence numbers.Test with several senders and receivers and message sizes to discover the load required to cause droppedmessages.The test kit should be designed to allow for multiple sending processes
4.24 Outline the design of a scheme that uses message retransmissions with IP multicast to overcome
the problem of dropped messages Your scheme should take the following points into account:
i) there may be multiple senders;
ii) generally only a small proportion of messages are dropped;
iii) unlike the request-reply protocol, recipients may not necessarily send a message within any particular time limit
Assume that messages that are not dropped arrive in sender ordering
receive Requestsend Replyreceive Reply
set timer to send Acknowledgement after delay T
receive Acknowledgement
Trang 31For point (ii) a negative acknowledgement scheme is preferred (recipient requests missing messages,rather than acknowledging all messages) When they notice a missing message, they send a message to thesender to ask for it To make this work, the sender must store all recently sent messages for retransmission.The sender re-transmits the messages as a unicast datagram.
Point (iii) - refers to the fact that we can’t rely on a reply as an acknowledgement Withoutacknowledgements, the sender will be left holding all sent messages in its store indefinitely Possible solutions:a) senders discards stored messages after a time limit b) occasional acknowledgements from recipients whichmay be piggy backed on messages that are sent
Note requests for missing messages and acknowledgments are simple - they just contain the sequencenumbers of a range of lost messages
4.25 Your solution to Exercise 4.24 should have overcome the problem of dropped messages in IP
multicast In what sense does your solution differ from the definition of reliable multicast?
4.25 Ans.
Reliable multicast requires that any message transmitted is received by all members of a group or none ofthem If the sender fails before it has sent a message to all of the members (e.g if it has to retransmit a message)
or if a gateway fails, then some members will receive the message when others do not
4.26 Devise a scenario in which multicasts sent by different clients are delivered in different orders at
two group members Assume that some form of message retransmissions are in use, but that
messages that are not dropped arrive in sender ordering Suggest how recipients might remedy this
situation
4.26 Ans.
Sender1 sends request r1 to members m1 and m2 but the message to m2 is dropped
Sender2 sends request r2 to members m1 and m2 (both arrive safely)
Sender1 re-transmits request r1 to member m2 (it arrives safely)
Member m1 receives the messages in the order r1;r2 However m2 receives them in the order r2;r1
To remedy the situation Each recipient delivers messages to its application in sender order When it receives
a message that is ahead of the next one expected, it hold it back until it has received and delivered the earlierre-transmitted messages
4.27 Define the semantics for and design a protocol for a group form of request-reply interaction, for
example using IP multicast
4.27 Ans.
The group request-reply protocol should not use a request-reply to each member Instead, the request message
is multicast to all the members of the group But there is a question as to how many replies should betransmitted As examples: a request to a replicated or a partitioned service requires only one reply In the firstcase from any member and in the second case from the server with the information In contrast a request for avote requires a majority of replies that agree; and a request for a reading on a sensor requires all replies Thesemantics should allow the client to specify the number of replies required
In a group request-reply protocol, the request message is multicast to all the members of the group, using aretransmission scheme like that of the request-reply protocol to deal with lost messages This requires that eachmember returns either an acknowledgement or a reply The client’s communication software collates andfilters these replies, returning the desired number of replies to the client
The protocol must deal with the case when there are less replies that the number specified, either by selectivere-transmission of the request messages or by repeating the multicast request
Trang 32Chapter 5 Exercise Solutions
5.1 The Election interface provides two remote methods:
vote: with two parameters through which the client supplies the name of a candidate (a string) and the
‘voter’s number’ (an integer used to ensure each user votes once only) The voter’s numbers areallocated sparsely from the range of integers to make them hard to guess
result: with two parameters through which the server supplies the client with the name of a candidate and the number of votes for that candidate
Which of the parameters of these two procedures are input and which are output parameters?
5.1 Ans.
vote: input parameters: name of candidate, voter’s number;
result: output parameters: name of candidate, number of votes
5.2 Discuss the invocation semantics that can be achieved when the request-reply protocol isimplemented over a TCP/IP connection, which guarantees that data is delivered in the order sent,without loss or duplication Take into account all of the conditions causing a connection to bebroken
5.2 Ans.
A process is informed that a connection is broken:
• when one of the processes exits or closes the connection
• when the network is congested or fails altogetherTherefore a client process cannot distinguish between network failure and failure of the server
Provided that the connection continues to exist, no messages are lost, therefore, every request willreceive a corresponding reply, in which case the client knows that the method was executed exactly once.However, if the server process crashes, the client will be informed that the connection is broken and theclient will know that the method was executed either once (if the server crashed after executing it) or not at all(if the server crashed before executing it)
But, if the network fails the client will also be informed that the connection is broken This may havehappened either during the transmission of the request message or during the transmission of the replymessage As before the method was executed either once or not at all
Therefore we have at-most-once call semantics
5.3 Define the interface to the Election service in CORBA IDL and Java RMI Note that CORBA IDLprovides the type long for 32 bit integers Compare the methods in the two languages forspecifying input and output arguments
Trang 33interface Election { void vote(in string name, in long number);
void result(out string name, out long votes);
};
Java RMI
We need to define a class for the result e.g
class Result { String name;
int votes;
}
The interface is:
import java.rmi.*;
public interface Election extends Remote{
void vote(String name, int number) throws RemoteException;
Result result () throws RemoteException;
};
This example shows that the specification of input arguments is similar in CORBA IDL and Java RMI.This example shows that if a method returns more than one result, Java RMI is less convenient thanCORBA IDL because all output arguments must be packed together into an instance of a class
5.4 The Election service must ensure that a vote is recorded whenever any user thinks they have cast
a vote
Discuss the effect of maybe call semantics on the Election service
Would at-least-once call semantics be acceptable for the Election service or would you
recommend at-most-once call semantics?
5.4 Ans.
Maybe call semantics is obviously inadequate for vote! Ex 5.1 specifies that the voter’s number is used toensure that the user only votes once This means that the server keeps a record of who has voted Therefore at-least-once semantics is alright, because any repeated attempts to vote are foiled by the server
5.5 A request-reply protocol is implemented over a communication service with omission failures to
provide at-least-once RMI invocation semantics In the first case the implementor assumes an
asynchronous distributed system In the second case the implementor assumes that the maximum
time for the communication and the execution of a remote method is T In what way does the latter
assumption simplify the implementation?
5.5 Ans.
In the first case, the implementor assumes that if the client observes an omission failure it cannot tell whether
it is due to loss of the request or reply message, to the server having crashed or having taken longer than usual.Therefore when the request is re-transmitted the client may receive late replies to the original request Theimplementation must deal with this
In the second case, an omission failure observed by the client cannot be due to the server taking too long.Therefore when the request is re-transmitted after time T, it is certain that a late reply will not come from theserver There is no need to deal with late replies
5.6 Outline an implementation for the Election service that ensures that its records remain consistent
when it is accessed concurrently by multiple clients
5.6 Ans.
Suppose that each vote in the form {String vote, int number} is appended to a data structure such as a Java
Vector Before this is done, the voter number in the request message must be checked against every vote
Trang 34recorded in the Vector Note that an array indexed by voter’s number is not a practical implementation as thenumbers are allocated sparsely.
The operations to access and update a Vector are synchronized, making concurrent access safe Alternatively use any form of synchronization to ensure that multiple clients’ access and updateoperations do not conflict with one another
5.7 The Election service must ensure that all votes are safely stored even when the server process
crashes Explain how this can be achieved with reference to the implementation outline in your
answer to Exercise 5.6
5.7 Ans.
The state of the server must be recorded in persistent storage so that it can be recovered when the server isrestarted It is essential that every successful vote is recorded in persistent storage before the client request isacknowledged
A simple method is to serialize the Vector of votes to a file after each vote is cast
A more efficient method would append the serialized votes incrementally to a file
Recovery will consist of de-serializing the file and recreating a new vector
5.8 Show how to use Java reflection to construct the client proxy class for the Election interface Give
the details of the implementation of one of the methods in this class, which should call the method
doOperation with the following signature:
byte [] doOperation (RemoteObjectRef o, Method m, byte[] arguments);
Hint: an instance variable of the proxy class should hold a remote object reference (see Exercise 4.12)
5.8 Ans.
Use classes Class and Method Use type RemoteObjectRef as type of instance variable The class Class hasmethod getMethod whose arguments give class name and an array of parameter types The proxy’s vote
method, should have the same parameters as the vote in the remote interface - that is: two parameters of type
String and int Get the object representing the vote method from the class Election and pass it as the secondargument of doOperation The two arguments of vote are converted to an array of byte and passed as the thirdargument of doOperation.
import java.lang.reflect;
class VoteProxy { RemoteObjectRef ref;
private static Method voteMethod;
private static Method resultMethod;
static { try { voteMethod = Election.class.getMethod ("vote", new Class[]
{java.lang.String.class,int.class}));
resultMethod = Election.class.getMethod ("result", new Class[] {}));
}catch(NoSuchMethodException){}
} public void vote (String arg1, int arg2) throws RemoteException {
try { byte args [] = // convert arguments arg1 and arg2 to an array of bytes
byte result = DoOperation(ref, voteMethod, args);
} catch ( ) {}
}
Trang 355.9 Show how to generate a client proxy class using a language such as C++ that does not support
reflection, for example from the CORBA interface definition given in your answer to Exercise 5.3
Give the details of the implementation of one of the methods in this class, which should call the
method doOperation defined in Figure 4.12
5.9 Ans.
Each proxy method is generated from the signature of the method in the IDL interface,e.g
void vote(in string name, in long number);
An equivalent stub method in the client language e.g C++ is produced e.g
void vote(const char *vote, int number)
Each method in the interface is given a number e.g vote = 1, result = 2
use char args[length of string + size of int] and marshall two arguments into this array and call doOperation
as follows:
char * result = DoOperation(ref, 1, args);
we still assume that ref is an instance variable of the proxy class A marshalling method is generated for eachargument type used
5.10 Explain how to use Java reflection to construct a generic dispatcher Give Java code for a
dispatcher whose signature is:
public void dispatch(Object target, Method aMethod, byte[] args)
The arguments supply the target object, the method to be invoked and the arguments for that
method in an array of bytes
5.11 Exercise 5.8 required the client to convert Object arguments into an array of bytes before invoking
doOperation and Exercise 5.10 required the dispatcher to convert an array of bytes into an array
of Objects before invoking the method Discuss the implementation of a new version of
doOperation with the following signature:
Object [] doOperation (RemoteObjectRef o, Method m, Object[] arguments);
which uses the ObjectOutputStream and ObjectInputStream classes to stream the request and reply
messages between client and server over a TCP connection How would these changes affect the
design of the dispatcher?
5.11 Ans.
The method DoOperation sends the invocation to the target’s remote object reference by setting up a TCPconnection (as shown in Figures 4.5 and 4.6) to the host and port specified in ref It opens an
ObjectOutputStream and uses writeObject to marshal ref, the method, m and the arguments by serializing them
to an ObjectOutputStream For the results, it opens an ObjectIntputStream and uses readObject to get theresults from the stream
At the server end, the dispatcher is given a connection to the client and opens an ObjectIntputStream anduses readObject to get the arguments sent by the client Its signature will be:
Trang 36public void dispatch(Object target, Method aMethod)
5.12 A client makes remote procedure calls to a server The client takes 5 milliseconds to compute the
arguments for each request, and the server takes 10 milliseconds to process each request The local
operating system processing time for each send or receive operation is 0.5 milliseconds, and the
network time to transmit each request or reply message is 3 milliseconds Marshalling or
unmarshalling takes 0.5 milliseconds per message
Calculate the time taken by the client to generate and return from two requests:
(i) if it is single-threaded, and
(ii) if it has two threads that can make requests concurrently on a single processor
You can ignore context-switching times Is there a need for asynchronous RPC if client and server
processes are threaded?
5.12 Ans.
i) time per call = calc args + marshal args + OS send time + message transmission +
OS receive time + unmarshall args + execute server procedure+ marshall results + OS send time + message transmission +
OS receive time + unmarshal args
= 5 + 4*marshal/unmarshal + 4*OS send/receive + 2*message transmission + execute server procedure
= 5+ 4*0.5 + 4*0.5 + +2*3 + 10 ms = 5+2+2+6+10 =25ms
Time for two calls = 50 ms
ii) threaded calls:
client does calc args + marshal args + OS send time (call 1) = 5+.5=.5 = 6
then calc args + marshal args + OS send time (call 2) = 6
= 12 ms then waits for reply from first callserver gets first call after
message transmission + OS receive time + unmarshal args = 6+ 3+.5+.5
= 10 ms, takes 10+1 to execute, marshal, send at 21 msserver receives 2nd call before this, but works on it after 21 ms taking
10+1, sends it at 32 ms from startclient receives it 3+1 = 4 ms later i.e at 36 ms
(message transmission + OS receive time + unmarshal args) laterTime for 2 calls = 36 ms
5.13 Design a remote object table that can support distributed garbage collection as well as translating
between local and remote object references Give an example involving several remote objects and
proxies at various sites to illustrate the use of the table Show what happens when an invocation
causes a new proxy to be created Then show what happens when one of the proxies becomes
unreachable
5.13 Ans.
The table will have three columns containing the local reference and the remote reference of a remote objectand the virtual machines that currently have proxies for that remote object There will be one row in the tablefor each remote object exported at the site and one row for each proxy held at the site
To illustrate its use, suppose that there are 3 sites with the following exported remote objects:
and that proxies for A1 are held at S2 and S3; a proxy for B1 is held at S3
Trang 37Then the tables hold the following information:.
Now suppose that C1(at S3) invokes a method in B1 causing it to return a reference to B2 The table at S2 adds
the holder S3 to the entry for B2 and the table at S3 adds a new entry for the proxy of B2
Suppose that the proxy for A1 at S3 becomes unreachable S3 sends a message to S1 and the holder S3
is removed from A1 The proxy for A1 is removed from the table at S3
5.14 A simpler version of the distributed garbage collection algorithm described in Section 5.2.6 just
invokes addRef at the site where a remote object lives whenever a proxy is created and removeRef
whenever a proxy is deleted Outline all the possible effects of communication and process failures
on the algorithm Suggest how to overcome each of these effects, but without using leases
5.14 Ans.
AddRef message lost - the owning site doesn’t know about the client’s proxy and may delete the remote object
when it is still needed (The client does not allow for this failure)
RemoveRef message lost - the owning site doesn’t know the remote object has one less user It may continue
to keep the remote object when it is no longer needed
Process holding a proxy crashes - owning site may continue to keep the remote object when it is no longer
needed
Site owning a remote object crashes Will not affects garbage collection algorithm
Loss of addRef is discussed in the Section 5.2.6
When a removeRef fails, the client can repeat the call until either it succeeds or the owner’s failure hasbeen detected
One solution to a proxy holder crashing is for the owning sites to set failure detectors on holding sitesand then remove holders after they are known to have failed
5.15 Discuss how to use events and notifications as described in the Jini distributed event specification
in the context of the shared whiteboard application The RemoteEvent class is defined as follows
in Arnold et al [1999]
public class RemoteEvent extends java.util.EventObject { public RemoteEvent(Object source, long eventID, long seqNum, MarshalledObject handback) public Object getSource () {…}
public long getID() {…}
public long getSequenceNumber() {…}
public MarshalledObject getRegistrationObject() {…}
}
The first argument of the constructor is a remote object Notifications inform listeners that an event
has occurred but the listeners are responsible for obtaining further details
5.15 Ans.
Event identifier, evIDs Decided by the EventGenerator Simplest solution is just to have one type of event
-the addition of a new GraphicalObject Other event types could for example refer to deletion of a
GraphicalObject
Clients need to be notified of the remote object reference of each new GraphicalObject that is added to the
server Suppose that an object in the server is the EventGenerator It could implement the EventGenerator
interface and provide the register operation, or it could be done more simply
Trang 38e.g addListener(RemoteEventListener listener, long evID)
// add this listener to a vector of listeners
This would be better if Leases were used to avoid dealing with lost clients.
The newShape method of shapeListServant (Figure 5.14) could be the event generator It will notify all
of the EventListeners that have registered with it, each time a new GraphicalObject is added e.g.
RemoteEvent event = new RemoteEvent(this, ADD_EVENT, version, null) for all listeners in the vector
listener.notify(event) Each client creates an RemoteEventListener for receiving notifications of events and then registers interest in events with the server, passing the EventListener as argument.
class MyListener implements RemoteEventListener { public MyListener() throws RemoteException[
} public void notify(RemoteEvent event) throws UnknownEventException, RemoteException {
Object source = getSource();
long id = event.getID();
long version = event.getSequenceNumber();
// get the newly created GraphicalObject from the server
} }
Then to become a listener (add the following to the client program shown in Figure 5.15):
sList.addListener(new MyListener(), ADD_EVENT);
The client getting the newGraphicalObject needs to be able to get it directly from the version number, rather than by getting the list of Shapes and then getting the GraphicalObject The interface to ShapeList could be
amended to allow this
5.16 Suggest a design for a notification mailbox service which is intended to store notifications on
behalf of multiple subscribers, allowing subscribers to specify when they require notifications to
be delivered Explain how subscribers that are not always active can make use of the service you
describe How will the service deal with subscribers that crash while they have delivery turned on?
5.16 Ans.
The Mailbox service will provide an interface allowing a client to register interest in another object The client
will need to know the RemoteEventListener provided by the Mailbox service so that notifications may be passed from event generators to the RemoteEventListener and then on to the client The client will also need a
means of interacting with the Mailbox service so as to turn delivery on and off Therefore define register asfollows:
Registration register()
The result is a reference to a remote object whose methods enable the client to get a reference to a
RemoteEventListener and to turn delivery on and off.
To use the Mailbox service, the client registers with it and receives a Registration object, which it saves
in a file It registers the RemoteEventListener provided by the Mailbox service with all of the EventGenerators whose events it wants to have notification of If the client crashes, it can restore the Registration object when
it restarts Whenever it wants to receive events it turns delivery on and when it does not want them it turnsdelivery off
The design should make it possible to specify a lease for each subscriber
5.17 Explain how a forwarding observer may be used to enhance the reliability and performance of
objects of interest in an event service
5.17 Ans.
Reliability:
The forwarding observer can retry notifications that fail at intervals of time
Trang 39If the forwarding observer is on the same computer as the object of interest, then the two could not failindependently.
Performance:
The forwarding observer can optimize multicast protocols to subscribers
In Jini it could deal with renewing leases
5.18 Suggest ways in which observers can be used to improve the reliability or performance of your
solution to Exercise 5.13
5.18 Ans.
The server can be relieved of saving information about all of the clients’ interests by creating a forwardingagent on the same computer the forwarding agent could use a multicast protocol to send notifications to theclients IP multicast would do since it is not crucial that every notification be received A missed versionnumber can be rectified as soon as another one is received
Trang 40Chapter 6 Exercise Solutions
6.1 Discuss each of the tasks of encapsulation, concurrent processing, protection, name resolution,
communication of parameters and results, and scheduling in the case of the UNIX file service (orthat of another kernel that is familiar to you)
6.1 Ans.
We discuss the case of a single computer running Unix
Encapsulation: a process may only access file data and attributes through the system call interface
Concurrent processing: several processes may access the same or different files concurrently; a process thathas made a system call executes in supervisor mode in the kernel; processes share all file-system-related data,including the block cache
Protection: users set access permissions using the familiar user/group/other, rwx format Address spaceprotection and processor privilege settings are used to restrict access to file data and file system data in memoryand prevent direct access to storage devices Processes bear user and group identifiers in protected kerneltables, so the problem of authentication does not arise
Name resolution: pathnames (for example, /usr/fred) are resolved by looking up each component in turn Eachcomponent is looked up in a directory, which is a table containing path name components and thecorresponding inodes If the inode is that of a directory then this is retrieved; and the process continues untilthe final component has been resolved or an error has occurred Special cases occur when a symbolic link ormount point is encountered
Parameter and result communication: parameters and results can be communicated by a) passing them inmachine registers, b) copying them between the user and kernel address spaces, or c) by mapping data blockssimultaneously in the two address spaces
Scheduling: there are no separate file system threads; when a user process makes a file system call, it continuesexecution in the kernel
NFS is discussed in Section 8.2
6.2 Why are some system interfaces implemented by dedicated system calls (to the kernel), and others on top ofmessage-based system calls?
6.2 Ans.
Dedicated system calls are more efficient for simple calls than message-based calls (in which a system action
is initiated by sending a message to the kernel, involving message construction, dispatch etc.)
However, the advantage of implementing a system call as an RPC is that then a process can perform operationstransparently on either remote or local resources
6.3 Smith decides that every thread in his processes ought to have its own protected stack – all other regions in aprocess would be fully shared Does this make sense?
6.3 Ans.
If every thread has its own protected stack, then each must have its own address space Smith’s idea is betterdescribed as a set of single-threaded processes, most of whose regions are shared The advantage of sharing
an address space has thus been lost
Distributed Systems: Concepts and Design
Edition 3
By George Coulouris, Jean Dollimore and Tim Kindberg Addison-Wesley, ©Pearson Education 2001